Can you do a traceroute to 8.8.4.4? If it's actually reaching Google's network, then yeah, they're doing deep packet inspection on DNS traffic. If not, they're probably just routing 8.8.4.4 to a DNS server they control.

If their goal is to manipulate traffic to www.youtube.com (probably to block access to certain videos), another solution would be for YouTube to require SSL for all connections coming from Turkish IPs. Of course, this wouldn't work if they got some Turkish (or other) CA to sign a bogus www.youtube.com certificate.

EDIT: As lawl points out, trying to require SSL on www.youtube.com won't work either, since they could just do an sslstrip type attack.

You're right. Maybe if they turned on and required SSL for everyone visiting www.youtube.com and added www.youtube.com to Chrome's preloaded HSTS list and somehow got everyone to use Chrome. Sadly, this probably won't happen, but DNSSEC adoption probably won't happen either. Even with DNSSEC, they could still do deep packet inspection on HTTP traffic going to YouTube IPs and initiate MITM attacks that way.

Erdogan claims that there is a "global conspiracy to stop the rise of Turkey" and people who believe him don't care much about the unlawful things he is doing because you know, Turkey is under attack and extraordinary measures should be taken to protect the country.

Polls show that %77 of the population believe the corruption case against the government is real.

However the situation is really complicated. Without going into details, I have to say that probably there is a real conspiracy orchestrated by the Gulen(islamic cleric allegedly with big influence on the judiciary & law enforcement) movement because some of the leaked tapes seems to be collected illegally.

The Gulen movement was close ally with the government till recently. They probably collected evidence about the corruption in the government since years and waited until the right moment comes to start the criminal case. The PM responded by demonizing the whole movement and suspending the rule of law.

The allegations against the Gulen movement are not proven at all but few years ago the same prosecutors started a case against the military and lot's of unlawful things took place during the whole trail process. That time the PM Erdogan strongly supported the case but today he claims that this was a conspiracy against the Turkish army.

Many lawyers agree that lots of the evidence against the military was fabricated and many people were imprisoned for political reasons.

Back then a sex tape of the main opposition party leader was leaked and PM Erdogan used it as a political tool. Today the same PM claims that these leaks about corruption are invasion of his privacy. Another leak shows that the PM was involved in the filming and distribution of the sex tape of the opposition party.

There are lots of voters believe in Erdogan because he said he's clean. It's all about uneducated public being manipulated through religion and patriotism. He talks about Islam and national flag. He's reading national anthem's lyrics in ads on TV.

Actually, whereas I don't think Turkey is that far "gone" on the antidemocratic spectrum, but it has one thing in common with more severe cases of "border-line" democracy, like Russia: It's not the money that rigs the government, it's the government that rigs the money.

In some sense, the US with their absurdly high campaign spending, avoid this kind of corruption either way just by competition.

Even if a single interest group/company would try to outright "buy" a presidential campaign (which hardly works anyway), all the other interest groups combined have an incentive to "buy" it back. Which is why politicians can't be controlled through donations as often as TV Shows might want you to believe.

Erdogan however just rigs the regulation in a way that benefits his reelection and accumulation of wealth. No competition, no problem...

The US elections are equally rigged - you vote for which faction of the mil-ind complex you like, and whether planned parenthood is funded - but not anything like wars, which simple continue as scheduled.

Rigged? I don't think so. But if you accept that you can't vote for every single decision because of practical reasons (and because multiple single-issue-votes tend to contradict each other), you can only vote for the general direction, and in the US this means you have a choice of about two directions. In other democracies you might have three or four directions but those countries tend to have more issues with incompetency and corruption.

However the "axis" of these two directions is aligned by the general public. If people care about wars, the parties would align towards "war" and "no war" for an election. But they don't, because beginning and ending a war isn't something that works well with elections or any arbitrarily timed decision process for that matter.

Governments have to be able to start a war or not end it at the wrong time, otherwise you might as well let non-democratic countries take you to the cleaners...

> In other democracies you might have three or four directions but those countries tend to have more issues with incompetency and corruption.

That's a joke, right? Germany is more corrupt and less competent than the US? Sweden is? The UK is? On almost every metric of government efficiency, the US is behind most european countries.

> If people care about wars, the parties would align towards "war" and "no war" for an election. But they don't,

This is a stupid assertion. Why would they align towards "war" and "no war" when they don't have to? They have enough divisive things like Row vs. Wade, Planned Parenthood, Food Stamps, ACA, etc to make sure that every single-issue voter is accounted for in one camp or the other.

Do you remember that Obama campaigned on the "Close Gitmo" promise?

> But they don't, because beginning and ending a war isn't something that works well with elections or any arbitrarily timed decision process for that matter. Governments have to be able to start a war or not end it at the wrong time, otherwise you might as well let non-democratic countries take you to the cleaners...

I will assume you are naive, because otherwise I would have to assign malice to your argument. The US has been, for years, opening a new front every couple of years. Regardless of timing, "more military action around the world" and "less military action around the world" are things you can base policy on. In fact, Ron Paul campaigned for the latter. But in a two party system, anything except the big two parties is meaningless, and the big parties like it that way - it means they don't have to align with anything the public at large might actually want.

[sarcasm]
Having been enduring this kind of shit for years in mainland China, I am glad to see that it migrated to the (sort of) 'free' world, eventually!
[/sarcasm]

BTW, I have to manoeuvre some IP addresses of the CDNs in /etc/hosts in order to get access to github.com today, and some others for stack overflow.com last week. Interference from those who have power really sucks!

CDNs nowadays are so vulnerable to political issues, and some CDNs seems to be hurt by extended non-specific attacks/blocks to some other sites sharing the same IP addresses, due to some unrelated reasons, which makes me feel nostalgic to the web before CDNs.

It's hilarious that people are saying DNSSEC can be used in Turkey (or anywhere else) to defend against censorship. Either they don't know what they're talking about or don't care about having an honest discussion. Or both.

Sure, they wouldn't be able to proxy all HTTP requests through their own servers like they're doing now, but they'd still be able to do MITM attacks at the IP level. They're already messing with routes to Google Public DNS IPs so they could just as easily mess with routes to YouTube's IPs. I don't think DNSSEC is the solution in cases like this. Somehow getting everyone to use SSL for everything is a much better solution in my opinion.

I am not just a DNSSEC hater, but the level of misunderstanding on DNSSEC is quite large.

When victim issues a query for youtube.com, I can intercept that query and hand back whatever response I want. Unless the victim KNOWS IN ADVANCE (which DNSSEC doesn't offer) that the response should be DNSSEC signed, they will accept my forged response.

DNSSEC solves problems we don't really have, and ignores the ones we do.

Can't you say the same thing about users who don't know to expect their connection to use TLS? What you're claiming as the problem isn't a problem with DNSSEC, but with the absence of DNSSEC. If DNSSEC were the default, then this attack couldn't happen.

But a government like China interferes with even VPNs (more so outside of the greater Shanghai and Beijing metro areas, in case anyone is sitting in those areas saying "My VPN works great"... they permit it and can block or interfere with it anytime they like) so I don't think they are really a solution. In China, nothing really works if the authorities don't want it to. VPNs are degraded to the point of being unusable, SOCKs proxy over SSH is the same, TOR is unusably slow, etc. Unfortunately, I don't think there really IS a solution in the face of determined governmental interference.

Yes, the Chinese government can interfere with or block VPNs whenever they want.

However, don't discount the impact of bandwidth/peering issues on VPN performance. In most cases, I've found that VPN throughput over TCP (either PPTP or OpenVPN) is similar to HTTP throughput to the same host.

You can test this yourself. Put a file on your VPN server, and try to retrieve it over HTTP. If you're worried that the latency is limiting the throughput, use wget to make several connections at the same time, and sum up the transfer speeds.

Finally, you're right - there is no (technical) solution in the face of determined governmental interference.

By default using a SOCKS proxy (which, using ssh -D is probably the easiest and most common way to do this) in most browsers doesn't solve this problem as DNS resolving is still done locally.

As they're messing with DNS, you'll still be connecting to their evil version of YouTube through your SSH tunnel. In Firefox this behaviour can be changed by toggling network.proxy.socks_remote_dns in about:config.

Of course, setting up an actual tunnel (i.e. on a lower network layer) would be better but that's a bit more complicated to do.

If you're on *nix, sshuttle is the tool you want. It's ssh tunnel on steroids, and it works with every program even if they're not configured to use a SOCKS proxy (such as Flash). It's also faster because it avoids the TCP-over-TCP problem that the usual SOCKS proxy entails.

Aha, I see. I'll look this up in addition to what kijin said (sshuttle).

It's not like our government is blocking anything (there were rumors it was blocking Facebook in 2011, but it wasn't true as I was able to log in without any issue. It was just slow, but it's not like we have the fastest internet here).

Yes, you missed quite a bit. They tried to block Twitter and Youtube, and then people started using Google DNS, OpenDNS or others to circumvent the block.

Some leaks about Erdogan's corruption and false flag attack in Turkey to blame Syria and go to war with it came out in those channels, and he wanted people to stop talking about it or see the leaks. I think some elections are in Turkey soon, too.

There have been some sound recording leaks in Turkey, exposing high ranking government officials' and Erdogan's private conversations, which is absolutely scandalous. This sunday, there will be an election, and the ruling party doesn't want people to listen to these records prior to the election. As you can guess, this material was primarily published through YouTube, hence the blockage.

It's about time Turkey took a step towards US in controlling the flow of information. I mean, how long has this been going on here, undetected? The obvious solution, Turkey, is to target specific individuals after digging into their background, confirming that they are not computer experts before attacking them via their computer.

Your tacit assertion is that if something wrong is done for years, and you find out it's done one more time, you shouldn't bother complaining about it. People like you have existed for all time, and will always exist, but your views truly don't matter: change comes because people continue to fight for what is right, despite the balance of years. Slavery on US soil had been legal and "normal" for hundreds of years, but that didn't stop people from "complaining" about it, and eventually changing it. Women's suffrage, same story. Wanton violation of our 4th Amendment rights in the digital age will proceed accordingly.

What I was trying to say was that Governments do shit like this, regardless of if they are China, North Korea, Turkey or America. In terms of doing things against their citizens, every country is in the Axis of Evil, so STOP complaining and instead get behind projects that will fix this shit by making the internet bulletproof.